Question

我有一个像这样的控制器：

@RestController
public class SecureController {

    private static final Logger logger = LoggerFactory.getLogger(SecureController.class);

    @RequestMapping(value={"/secure"},
                    method=RequestMethod.GET)
    public ResponseEntity<?> getSecure() {
        String str = "Security Area? -- GET";

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication instanceof AnonymousAuthenticationToken)) {
            String currentUserName = authentication.getName();
            str = str + " -- " + currentUserName + "\n\n";
        }

        return new ResponseEntity<>(str, HttpStatus.OK);
    }

    @RequestMapping(value={"/secure"},
                    method=RequestMethod.POST)
    public ResponseEntity<?> postSecure() {
        String str = "Security Area? -- POST";

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication instanceof AnonymousAuthenticationToken)) {
            String currentUserName = authentication.getName();
            str = str + " -- " + currentUserName + "\n\n";
        }

        return new ResponseEntity<>(str, HttpStatus.OK);
    }

    @RequestMapping(value={"/secure/sub"},
                    method=RequestMethod.GET)
    public ResponseEntity<?> getSecureSub() {
        String str = "Security area subpage -- GET";

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication instanceof AnonymousAuthenticationToken)) {
            String currentUserName = authentication.getName();
            str = str + " -- " + currentUserName + "\n\n";
        }

        return new ResponseEntity<>(str, HttpStatus.OK);
    }

    @RequestMapping(value={"/secure/list"}, method=RequestMethod.GET)
    public ModelAndView getSecureList() {
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("listpage.html");
        return modelAndView;
    }

    @RequestMapping(value={"/login"}, method=RequestMethod.GET)
    public ModelAndView getLogin(@RequestParam(value="logout", required=false) String logout,
                                 @RequestParam(value="error", required=false) String error) {

        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("loginpage.html");
        return modelAndView;
    }
}

WebSecurity就像：

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .csrf().disable()
        .authorizeRequests()
        .antMatchers("/secure/**").fullyAuthenticated()
        .antMatchers("/login").fullyAuthenticated()
        .antMatchers(HttpMethod.GET, "/login").permitAll()
        .and()
        .formLogin().loginPage("/login").failureUrl("/login?error").defaultSuccessUrl("/secure/list", true).permitAll()
        .and()
        .logout();
}

这似乎有用。

我正在测试一些安全性的东西......无论如何，当进入登录页面时，loginpage.html被渲染得很好。它POST到/ login，一切正常。

直到您尝试转到/ secure / list。然后是404s。路径存在，listpage.html与loginpage.html存在于同一目录中，我知道它找到了它，因为如果我将名称更改为list.html，它会给我一个关于循环路线的例外。

无论如何，/ secure / sub路由工作正常。因此，基于此，似乎ModelAndView没有问题，并且子路由没有问题但是由于某些原因，当它们一起使用时，会出现问题。

为什么给我404？

一些日志：

2017-11-09 17:52:49.865 DEBUG 9020 --- [nio-8088-exec-4] o.s.w.s.v.ContentNegotiatingViewResolver : Requested media types are [text/html, application/xhtml+xml, image/webp, application/xml;q=0.9, */*;q=0.8] based on Accept header types and producible media types [*/*])
2017-11-09 17:52:49.865 DEBUG 9020 --- [nio-8088-exec-4] o.s.w.servlet.view.BeanNameViewResolver  : No matching bean found for view name 'listpage.html'
2017-11-09 17:52:49.866 DEBUG 9020 --- [nio-8088-exec-4] o.s.w.servlet.view.BeanNameViewResolver  : No matching bean found for view name 'listpage.html.html'
2017-11-09 17:52:49.867 DEBUG 9020 --- [nio-8088-exec-4] o.s.w.s.v.ContentNegotiatingViewResolver : Returning [org.springframework.web.servlet.view.JstlView: name 'listpage.html'; URL [listpage.html]] based on requested media type 'text/html'
2017-11-09 17:52:49.868 DEBUG 9020 --- [nio-8088-exec-4] o.s.web.servlet.DispatcherServlet        : Rendering view [org.springframework.web.servlet.view.JstlView: name 'listpage.html'; URL [listpage.html]] in DispatcherServlet with name 'dispatcherServlet'
2017-11-09 17:52:49.868 DEBUG 9020 --- [nio-8088-exec-4] o.s.web.servlet.view.JstlView            : Forwarding to resource [listpage.html] in InternalResourceView 'listpage.html'
2017-11-09 17:52:49.869 DEBUG 9020 --- [nio-8088-exec-4] o.s.web.servlet.DispatcherServlet        : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/secure/listpage.html]
2017-11-09 17:52:49.870 DEBUG 9020 --- [nio-8088-exec-4] s.w.s.m.m.a.RequestMappingHandlerMapping : Looking up handler method for path /secure/listpage.html
2017-11-09 17:52:49.875 DEBUG 9020 --- [nio-8088-exec-4] s.w.s.m.m.a.RequestMappingHandlerMapping : Did not find handler method for [/secure/listpage.html]
2017-11-09 17:52:49.875 DEBUG 9020 --- [nio-8088-exec-4] o.s.w.s.handler.SimpleUrlHandlerMapping  : Matching patterns for request [/secure/listpage.html] are [/**]
2017-11-09 17:52:49.875 DEBUG 9020 --- [nio-8088-exec-4] o.s.w.s.handler.SimpleUrlHandlerMapping  : URI Template variables for request [/secure/listpage.html] are {}
2017-11-09 17:52:49.875 DEBUG 9020 --- [nio-8088-exec-4] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapping [/secure/listpage.html] to HandlerExecutionChain with handler [ResourceHttpRequestHandler [locations=[ServletContext resource [/], class path resource [META-INF/resources/], class path resource [resources/], class path resource [static/], class path resource [public/]], resolvers=[org.springframework.web.servlet.resource.PathResourceResolver@7383eae2]]] and 1 interceptor
2017-11-09 17:52:49.876 DEBUG 9020 --- [nio-8088-exec-4] o.s.web.servlet.DispatcherServlet        : Last-Modified value for[/secure/listpage.html] is: -1
2017-11-09 17:52:49.878 DEBUG 9020 --- [nio-8088-exec-4] o.s.web.servlet.DispatcherServlet        : Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling
2017-11-09 17:52:49.878 DEBUG 9020 --- [nio-8088-exec-4] o.s.web.servlet.DispatcherServlet        : Successfully completed request


ls src/main/resources/static/
listpage.html  loginpage.html

Answer 1

您将控制器定义为@RestController，导致访问secure/list页面时出错。我的建议是使用@Controller注释而不是@RestController创建另一个控制器。

@Controller
public class SecureListController {
    @RequestMapping(value={"/secure/list"}, method=RequestMethod.GET)
    public ModelAndView getSecureList() {
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("listpage.html");
        return modelAndView;
    }    
}

Answer 2

对我来说，增加百里香叶依赖性解决了这个问题。

<dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-thymeleaf</artifactId>
    </dependency>

方法

@GetMapping("item")
public ModelAndView getItems() {
    return new ModelAndView("item");
}

ModelAndView上的SpringBoot 404

2 个答案: